From 68017b66fdbcc1ea5b19876252ce813d20cab60c Mon Sep 17 00:00:00 2001
From: Kirk Baird <baird.k@outlook.com>
Date: Thu, 21 Feb 2019 14:23:21 +1100
Subject: [PATCH] Fuzzing for Vec<u8>

---
 eth2/utils/ssz/fuzz/Cargo.toml                |  8 +++++++
 .../fuzz_targets/fuzz_target_vec_decode.rs    | 21 +++++++++++++++++++
 .../fuzz_targets/fuzz_target_vec_encode.rs    | 15 +++++++++++++
 3 files changed, 44 insertions(+)
 create mode 100644 eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_decode.rs
 create mode 100644 eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_encode.rs

diff --git a/eth2/utils/ssz/fuzz/Cargo.toml b/eth2/utils/ssz/fuzz/Cargo.toml
index 081afdcb9..c76cbbbde 100644
--- a/eth2/utils/ssz/fuzz/Cargo.toml
+++ b/eth2/utils/ssz/fuzz/Cargo.toml
@@ -83,3 +83,11 @@ path = "fuzz_targets/fuzz_target_address_decode.rs"
 [[bin]]
 name = "fuzz_target_address_encode"
 path = "fuzz_targets/fuzz_target_address_encode.rs"
+
+[[bin]]
+name = "fuzz_target_vec_decode"
+path = "fuzz_targets/fuzz_target_vec_decode.rs"
+
+[[bin]]
+name = "fuzz_target_vec_encode"
+path = "fuzz_targets/fuzz_target_vec_encode.rs"
diff --git a/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_decode.rs b/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_decode.rs
new file mode 100644
index 000000000..048d19ee5
--- /dev/null
+++ b/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_decode.rs
@@ -0,0 +1,21 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate ethereum_types;
+extern crate ssz;
+
+use ethereum_types::{Address, H256};
+use ssz::{DecodeError, Decodable};
+
+// Fuzz ssz_decode()
+fuzz_target!(|data: &[u8]| {
+    let _result: Result<(Vec<u8>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    /*
+    let _result: Result<(Vec<u16>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    let _result: Result<(Vec<u32>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    let _result: Result<(Vec<u64>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    let _result: Result<(Vec<usize>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    let _result: Result<(Vec<Address>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    let _result: Result<(Vec<H256>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    let _result: Result<(Vec<bool>, usize), DecodeError> = Decodable::ssz_decode(data, 0);
+    */
+});
diff --git a/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_encode.rs b/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_encode.rs
new file mode 100644
index 000000000..6980e5d20
--- /dev/null
+++ b/eth2/utils/ssz/fuzz/fuzz_targets/fuzz_target_vec_encode.rs
@@ -0,0 +1,15 @@
+#![no_main]
+#[macro_use] extern crate libfuzzer_sys;
+extern crate ethereum_types;
+extern crate ssz;
+
+use ethereum_types::{Address, H256};
+use ssz::SszStream;
+
+// Fuzz ssz_decode()
+fuzz_target!(|data: &[u8]| {
+
+    let mut ssz = SszStream::new();
+    let data_vec = data.to_vec();
+    ssz.append(&data_vec);
+});